World-readable permissions for /etc/nullmailer/remotes in Gentoo Nullmailer package before 1.11-r2 allow unauthorized access to SMTP authentication credentials
CVE-2013-4223 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.
Learn more about our Cis Benchmark Audit For Debian Family Linux.